The healthcare industry has become one of the primary targets for cyber security attacks, and it knows it. Therefore, in an attempt to block cyber criminals from attacking its facilities, the healthcare industry plans to increase its cyber security budgets. According to the Herjavec Group, medical facilities will spend over $65 billion on cyber security protection in the next five years.
Spending more doesn’t mean higher protection
Unfortunately, the fact that these facilities are spending more doesn’t mean they’re more protected. Finding a security solution that takes a preventative approach to detecting malware is what matters most. Many security solutions focus on remediation, that is, fixing the problem after an attack occurs. This is no longer a logical approach. Dealing with a breach or ransomware attack after the fact is not feasible. Once these cyber attacks occur, it is too late. Systems are down, files are locked, and/or patient information has already been acquired by the cyber criminals.
Why target the healthcare industry?
Why is the healthcare industry being targeted by cyber criminals? There are multiple reasons. First, patient files are going for roughly $60 per file on the dark web. Therefore, it is far more lucrative for hackers to spend their time stealing medical files than a social security number or credit card information, which sells for about a buck.
Also, healthcare facilities are an easier target. Oftentimes, hospitals and clinics are running outdated programs and/or operating systems. Because these are outdated, they have unpatched security vulnerabilities. Essentially, a back door is left open for hackers to gain access to install malicious software or breach the facility’s systems.
Lastly, after healthcare facilities are hit with malware, such as ransomware, they are far more likely to pay to get their files back and their systems restored. Taking complete control of a hospital’s servers would mean the facility would likely go offline. This means no electronic records, no electronic imaging, and no emails; operations would go back to doing everything with pen and paper. Now, it isn’t unrealistic to assume a facility could function in such a way, since it was done once upon a time. However, in today’s world, medical professionals are accustomed to the luxury of electronic systems and technology to help diagnose medical ailments. Taking that away doesn’t sit well with them. This isn’t to say every facility hit with ransomware will pay to regain access to its systems. Recently, Erie County Medical Center was hit with malware, and it has spent the last two weeks trying to slowly regain access to its systems. However, some aren’t that patient.
What to do next…
It is time to be proactive. By using a security solution with a whitelist approach, any files or programs that are not deemed safe will not be allowed to run. This significantly mitigates the risk of exposure to malicious cyber attacks. PC Matic Pro is a security solution that includes an automated, global whitelist.
It would also be best practice to back up the facility’s data at least once a day. These backups should be stored on an external or cloud device.
Facilities should also have a disaster recovery plan. This plan should explain, in detail, the steps the facility will take if a cyber attack were to occur. This should include how the facility will restore its systems, where the backup files are stored, who will lead the restoration process, etc.